Subscribe to the Non-Human & AI Identity Journal

Forums
The Non-Human & AI ...
NHI, AI & IAM Suppo...
AUSTRAC compliance ...
 
Notifications
Clear all

AUSTRAC compliance for VASPs: what crypto teams need to know

 
    Last Post
  RSS

 NHI Mgmt Group
(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 4368
Topic starter 10/06/2026 10:46 pm  

TL;DR: Australia’s crypto market is projected to reach 11.38 million users by 2025, while regulatory uncertainty and tighter AUSTRAC scrutiny are pushing VASPs toward stronger AML/CFT controls, structured enrolment, and better records, according to SumSub. For IAM and compliance teams, the lesson is that identity proofing, monitoring, and evidence retention now sit inside the same governance problem.

NHIMG editorial — based on content published by SumSub: Practical Guide to AML/CFT Compliance for VASPs under AUSTRAC

Questions worth separating out

Q: How should VASPs build AML/CFT controls that hold up under AUSTRAC scrutiny?

A: VASPs should build AML/CFT controls as an end-to-end identity governance process, not a collection of isolated checks.

Q: Why do crypto onboarding and compliance often drift apart in regulated environments?

A: They drift apart when onboarding is designed for speed while compliance is designed for proof.

Q: What breaks when VASPs treat verification as a one-time check?

A: A one-time check breaks the link between identity assurance and ongoing risk management.

Practitioner guidance

  • Separate compliance ownership from operational execution Assign clear owners for AUSTRAC enrolment, AML/CTF program maintenance, suspicious transaction review, and record retention.
  • Tie customer due diligence to ongoing transaction monitoring Make sure identity proofing outcomes feed into monitoring rules and escalation logic.
  • Require durable evidence trails from verification workflows Choose verification processes that preserve reviewable records for decisions, exceptions, and rechecks.

What's in the full article

SumSub's full guide covers the operational detail this post intentionally leaves for the source:

  • A 6-step AML/CTF compliance template that moves from AUSTRAC enrolment to ongoing recordkeeping.
  • Guidance on choosing a verification partner based on compliance, fraud prevention, and onboarding scale.
  • Examples from crypto operators showing how verification workflows were applied in practice.
  • A practical checklist for aligning suspicious transaction reporting with controlled evidence capture.

👉 Read SumSub's practical guide to AML/CFT compliance for Australian VASPs →

AUSTRAC compliance for VASPs: what crypto teams need to know?

Explore further

View Full Forum →  |  NHI Foundation Course →



   
Quote
Topic Tags
sumsub crypto-compliance aml-cft regulatory-governance identity-verification
Forum Jump:
  Previous Topic
Next Topic  
Related Topics
Topic Tags:  sumsub (81) , crypto-compliance (4) , aml-cft (2) , regulatory-governance (5) , identity-verification (44) ,
Share:

#1 Authority in NHI Education, Research and Advisory, empowering organizations to tackle the critical risks posed by Non-Human Identities (NHIs), including AI Agents.

Get in Touch

Quick Links

Legal & Policies

©2025 NHIMG. All right reserved.